Gnu sasl
This hub aggregates every CVE we track for Gnu sasl, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
2
CVEs tracked
0
Critical
1
High
0
In CISA KEV
Severity distribution
LOW1HIGH1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
2024-072026-06
Latest CVEs
The 2 most recently published vulnerabilities affecting Gnu sasl.
- CVE-2026-48829In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c.7.5
- CVE-2022-2469GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client3.8
Product normalization is registry-driven with AI assist and human review. How it works